exploit the possibilities
Showing 1 - 25 of 37 RSS Feed

Files Date: 2007-11-13

ATC-08-cfp.txt
Posted Nov 13, 2007
Site ux.uis.no

Call For Papers for the 5th International Conference on Autonomic and Trusted Computing to be held in Oslo, Norway from June 23 through June 25, 2008.

tags | paper, conference
MD5 | a6d3cfb39a26ba8c0b2b33124d731914
vtls-xss.txt
Posted Nov 13, 2007
Authored by Jesus Olmos Gonzalez

VTLS Inc.'s vtls.web.gateway CGI is susceptible to a cross site scripting vulnerability. Versions up to 48.1.0 are affected.

tags | exploit, web, cgi, xss
MD5 | 2a8b7b1bc67d3bbbf94037535e82cdfc
ProCheckUp Security Advisory 2007.13
Posted Nov 13, 2007
Authored by Adrian Pastor, ProCheckUp, Jan Fry | Site procheckup.com

A cross site scripting vulnerability exists in F5 Networks FirePass versions 5.4 through 5.5.2 and versions 6.0 through 6.0.1.

tags | advisory, xss
MD5 | 38cb24b936a46e1a0f3233a4764a3314
Mandriva Linux Security Advisory 2007.204
Posted Nov 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS that can be exploited by malicious individuals to execute arbitrary code. This flaw is due to a boundary error when processing IPP (Internet Printing Protocol) tags. Due to incorrect build requirements/conflicts, the cups-config in Mandriva Linux 2008.0 was displaying the full CFLAGS and libs instead of just the libraries when 'cups-config --libs' was invoked. This update corrects the cups-config behaviour.

tags | advisory, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2007-4351
MD5 | 010e831f1ceb7b70422adc9007b89d76
Gentoo Linux Security Advisory 200711-16
Posted Nov 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-16 - Alin Rad Pop (Secunia Research) discovered an off-by-one error in the ippReadIO() function when handling Internet Printing Protocol (IPP) tags that might allow to overwrite one byte on the stack. Versions less than 1.2.12-r2 are affected.

tags | advisory, protocol
systems | linux, gentoo
advisories | CVE-2007-4351
MD5 | b80fe36cdf462f5ee677cccb59c25326
Gentoo Linux Security Advisory 200711-15
Posted Nov 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-15 - Sean de Regge reported multiple integer overflows when processing FLAC media files that could lead to improper memory allocations resulting in heap-based buffer overflows. Versions less than 1.2.1-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4619
MD5 | e8a6b3c13ae6bdef5e815020ef25e348
Gentoo Linux Security Advisory 200711-14
Posted Nov 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-14 - Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey. Various errors in the browser engine and the Javascript engine can be exploited to cause a memory corruption. Before being used in a request, input passed to the user ID when making an HTTP request with digest authentication is not properly sanitized. The titlebar can be hidden by a XUL markup language document. Additionally, an error exists in the handling of smb: and sftp: URI schemes on systems with gnome-vfs support. An unspecified error in the handling of XPCNativeWrappers and not properly implementing JavaScript onUnload() handlers may allow the execution of arbitrary Javascript code. Another error is triggered by using the addMicrosummaryGenerator sidebar method to access file: URIs. Versions less than 2.0.0.9 are affected.

tags | advisory, web, arbitrary, javascript, vulnerability
systems | linux, gentoo
advisories | CVE-2007-1095, CVE-2007-2292, CVE-2007-5334, CVE-2007-5335, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
MD5 | fa96dd3103e47ec1c52a35f012f0fd03
autoindex-xss.txt
Posted Nov 13, 2007
Authored by L4teral

AutoIndex versions 2.2.2 and below suffer from cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
MD5 | 10c2051a25f8cdd661fc3e1fb2e02924
x7-xss.txt
Posted Nov 13, 2007
Authored by ShAy6oOoN

X7 Chat version 2.0.4 is susceptible to cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7454cfb6a641f1cf7961dc3a698d282f
rfid-angelo-rosiello.pdf
Posted Nov 13, 2007
Authored by Angelo Rosiello, rosiello | Site rosiello.org

RFID: Security Briefings. A set of slides from a talk that discusses how RFID works and security menaces related to RFID.

MD5 | 74026e4fae989c7dfbc023caf422b9de
HP Security Bulletin 2007-14.85
Posted Nov 13, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running HP Secure Shell. The vulnerability could be exploited remotely to gain extended privileges.

tags | advisory, shell
systems | hpux
advisories | CVE-2007-4752
MD5 | 2150f26620e2f6c3b7296e1bad71fb2b
safrcdlg-overflow.txt
Posted Nov 13, 2007
Authored by Elazar Broad

The Microsoft Remote Help safrcdlg.dll appears to suffer from a buffer overflow vulnerability.

tags | advisory, remote, overflow
MD5 | 5b8e23d1f09548e80c7ef89b763d71b8
iDEFENSE Security Advisory 2007-11-12.1
Posted Nov 13, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 11.12.07 - Local exploitation of an invalid array indexing vulnerability in the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context. The problem specifically exists within the bpf_filter_init function. In several places throughout this function, values supplied from a potential attacker are used as array indexes without proper bounds checking. By making IOCTL requests with specially chosen values, attackers are able to corrupt the stack, or pool memory, within the kernel. iDefense has confirmed the existence of this vulnerability in version 4.0.1 of WinPcap as included in Wireshark 0.99.6a. The version of NPF.SYS tested was 4.0.0.901. iDefense suspects older versions to also be vulnerable.

tags | advisory, arbitrary, kernel, local
advisories | CVE-2007-5756
MD5 | ccb4207f94afc8cd90c0b5776dc0c638
oracle-sysdba.txt
Posted Nov 13, 2007
Authored by Pete Finnigan

Tanel Poder has found a way to get SYSDBA access to the Oracle database by utilizing a user who has the BECOME USER system privilege, execute privileges on KUPP$PROC.CHANGE_USER and CREATE SESSION.

tags | advisory
MD5 | 6e0ac7cb849365bf62c2d03852f33d25
CVE-2007-3694-bm.txt
Posted Nov 13, 2007
Authored by Hanno Boeck | Site hboeck.de

Broadcast Machine is susceptible a cross site scripting vulnerability in the login form.

tags | exploit, xss
advisories | CVE-2007-3694
MD5 | af5ef361335a152dc3da006e882a4a6d
Debian Linux Security Advisory 1405-2
Posted Nov 13, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1405-2 - The zope-cmfplone update in DSA 1405 introduced a regression. This update corrects this flaw.

tags | advisory
systems | linux, debian
advisories | CVE-2007-5741
MD5 | 347d7f36794b6872add8dd766ad92774
Nikto Web Scanner 2.00
Posted Nov 13, 2007
Authored by Sullo | Site cirt.net

Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

Changes: Version 2 adds many enhancements to reduce false positives, server fingerprinting, scan tuning, HTML report templates, optimizations and more.
tags | web, cgi
systems | unix
MD5 | 64814606e342d3988093c7b8af9779c4
alice-0.1.tar.gz
Posted Nov 13, 2007
Authored by CtrlAltCa

This code creates standard dns A queries with a spoofed sender ip address. In particular conditions, this can lead to a denial of service (answers weighs more than queries). Based on snoof.c.

tags | denial of service, spoof
MD5 | b1267eb3ebaf3d5588f44b3168b8c847
eggblog-xss.txt
Posted Nov 13, 2007
Authored by Mesut Timur | Site h-labs.org

Eggblog version 3.1.0 is susceptible to cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | fb2bc0b01041daf3e29e60d0c593348c
aspxshell.aspx.txt
Posted Nov 13, 2007
Authored by LT

Basic ASP.NET shell that, once uploaded to a server, can be used to execute shell commands and upload, download, and delete files.

tags | tool, shell, rootkit, asp
systems | unix
MD5 | 34882fb3b2aef7b21f25f49a346092dd
bt-pwnage.txt
Posted Nov 13, 2007
Authored by PAgVac | Site gnucitizen.org

Pwning the BT Home Hub details have been published. Various cross site scripting and cross site request forgery issues still exist.

tags | advisory, xss, csrf
MD5 | 33bf36a9c0244909428ecd0367127de6
phpnukema-sql.txt
Posted Nov 13, 2007
Authored by Guns | Site 0x90.com.ar

PHP-Nuke Module Advertising blind SQL injection exploit.

tags | exploit, php, sql injection
MD5 | 387e9b73cdd9dec64053915dd996ef01
iedosowc11-dos.txt
Posted Nov 13, 2007
Authored by Elazar Broad

An unhandled memory access violation in the OWC11.DataSourceControl in Internet Explorer may cause a denial of service condition.

tags | advisory, denial of service
MD5 | 167bf60f97e78d10625a872a2a1640e3
psm-rfi.txt
Posted Nov 13, 2007
Authored by fl0 fl0w | Site fl0-fl0w.docspages.com

PhpSiteManager Beta2 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 561df89d436febc8f0c75ecf6df162f2
chems-rfi.txt
Posted Nov 13, 2007
Authored by fl0 fl0w | Site fl0-fl0w.docspages.com

Chems version 0.2 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | f4ff4ec76d906f690b07a9aadbe369bb
Page 1 of 2
Back12Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    4 Files
  • 21
    Oct 21st
    2 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close